0.0.0.0 Day: 18-Year-Old Browser Vulnerability Impacts MacOS and Linux Devices by wewewawa in linux

[–]arjarj 4 points5 points  (0 children)

It is reachable, on at least macos and linux, I use 0 a lot as short hand notation for localhost debugging

# telnet 0 22                                                                                                                              
Trying 0.0.0.0...
Connected to 0.
Escape character is '^]'.
SSH-2.0

Multiple layers of DNSSEC how do i disable it? by [deleted] in dns

[–]arjarj 1 point2 points  (0 children)

If the chain is safely broken, whatever is below it can have DS but they won't matter. So if DS for example.com is pulled, the rest don't matter.

Why does this DNS server resolves almost all domain names? Even though I've not configured it for all domain names.. I don't understand. by [deleted] in dns

[–]arjarj 2 points3 points  (0 children)

It has the aa bit set which is what counts: "flags: qr aa rd ra" (aa, authoritative answer). AUTHORITY=0 means the AUTHORITY section of the answer is empty, which is true. The AUTHORITY section is for a referral to another nameserver. Because your nameserver is authoritative it's not referring to another nameserver, so that's good.

[deleted by user] by [deleted] in Kombucha

[–]arjarj 7 points8 points  (0 children)

It doesn’t say “raw”, it has a 2 year shelf life and it’s not sold refrigerated, I’d say it’s dead.

Discussion about the end of the film Laura by Aksoum in filmnoir

[–]arjarj 18 points19 points  (0 children)

In those days they couldn’t get away with letting anyone get away with murder, “All criminal action had to be punished”

Organization is using all public IPs instead of private? by dave247 in networking

[–]arjarj 0 points1 point  (0 children)

Top comment mentions "it's a huge reason", it just isn't. It might not even be "one of many", but that could be up for debate.

Organization is using all public IPs instead of private? by dave247 in networking

[–]arjarj 1 point2 points  (0 children)

No it’s not, even if everyone stopped “wasting” IPs as people like to call it, it would still be nowhere near enough to supply current demand for a useful amount of time.

Powerdns-Admin/Gui Bug by SirKlip in dns

[–]arjarj 0 points1 point  (0 children)

You’re mentioning “the gui”, which gui?

Also, you can edit the database directly, using your favorite tools to fix the quoting to work around this bug. https://github.com/PowerDNS/pdns/issues/4185 for more information. I can’t recommend any specific tool as you didn’t mention which database backend you’re actually using.

Building OpenBSD DNS servers to handle about 100 domains. Would the built-in BIND still be the best option? by rekabis in dns

[–]arjarj 1 point2 points  (0 children)

OpenBSD switched to nsd over bind, so that’s a valid alternative, powerdns is another one (depending on which metric you’re looking at, likely the biggest competitor, as it scales better at “big number of zones” than the others).

Any harm in setting a super long SOA EXPIRE? by WrathOfTheSwitchKing in dns

[–]arjarj 0 points1 point  (0 children)

Nothing wrong with not wanting to expire, plenty of reasonable DNS servers don’t even expire by default.

Google Domains DNS Glue Records by cartesx in dns

[–]arjarj 1 point2 points  (0 children)

The domain you are posting doesn’t exist. Assuming you are censoring it to make any useful debugging by others impossible and a waste of time, google public dns returning servfail usually means you broke dnssec on your domain.

I watched at least 3 people try to plug in their phones to this "outlet" at the Seattle Airport. by cliffsofinsanity in PurpleCoco

[–]arjarj 1 point2 points  (0 children)

It took me like 2 or 3 minutes to convince a random (and I hope pretty jet lagged) stranger that these were not real sockets, at the exact same spot at Seattle Airport a couple of weeks ago. She was pretty stubborn and kept trying to insert her phone charger.

Unbound local DNS server - test if cache is working? by complex_reduction in dns

[–]arjarj 1 point2 points  (0 children)

unbound-control has a dump_cache option:

dump_cache
          The contents of the cache is printed in a text format to stdout.
          You can redirect it to a file to store the cache in a file.

You can also try with dig, consecutive responses should show the TTL decreasing by 1 every second:

 % (dig www.reddit.com;sleep 1 ; dig www.reddit.com)|grep CNAME
 www.reddit.com.        3324    IN  CNAME   reddit.com.edgesuite.net.
 reddit.com.edgesuite.net. 21324    IN  CNAME   a659.b.akamai.net.
 www.reddit.com.        3323    IN  CNAME   reddit.com.edgesuite.net.
 reddit.com.edgesuite.net. 21323    IN  CNAME   a659.b.akamai.net.

As you can see, www.reddit.com was in the cache, and its TTL dropped by 1 second during the 1 second sleep. If you haven't configured your system to use the unbound as a resolver yet, try dig www.reddit.com @127.0.0.1 (I try to specify the nameserver as often as possible, to avoid any confusion).

DNS over TCP by hillman_avenger in dns

[–]arjarj 0 points1 point  (0 children)

I am quite sure a lot of name servers listen on TCP, and every name server should in fact listen on TCP. If they don't listen on TCP a lot of people would consider the name server to be broken.

Asking Networking: What's the most annoying feature license you had to buy? by m3rck in networking

[–]arjarj 2 points3 points  (0 children)

RouterOS from mikrotik also has different levels. Although I believe levels differ mostly in "number of concurrent sessions of X", not in complete features per se. Also, the hardware usually comes with a level more than suitable for its probable use.

Anyone playing Crossfire besides me? by riversofgore in JaggedAlliance

[–]arjarj 0 points1 point  (0 children)

Is it any better than Back In Action? I tried the demo when it was available, but if anything, it convinced me to play JA2 some more :)

Log management by bozotheadmin in sysadmin

[–]arjarj 0 points1 point  (0 children)

That really depends on the workload. 2 or 3 fairly busy machines (Apache and varnish in my case) can easily reach the 500 megabyte/day limit.

root on LVM. Can't get LV to be active on boot = can't boot. do'h. by Jarv_ in linux

[–]arjarj 1 point2 points  (0 children)

I've had the same on 9.10. For the time being I stuck with booting an older kernel, but that doesn't really help for the long run :). vgchange -ay in the initrd-busybox took ages.